GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
311 advisories
Jenkins Self-Organizing Swarm Plug-in Modules Plugin XXE vulnerability via UDP broadcast response
Moderate | CVE-2019-10309 was published for org.jenkins-ci.plugins:swarm (Maven) May 24, 2022

Libraries/Nop.Services/Localization/LocalizationService.cs in nopCommerce through 4.10 allows XXE...
Moderate | Unreviewed | CVE-2019-11519 was published May 24, 2022

An XML external entity (XXE) vulnerability in Kofax Front Office Server Administration Console...
Moderate | Unreviewed | CVE-2018-17289 was published May 24, 2022

The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain...
Moderate | Unreviewed | CVE-2010-3322 was published May 17, 2022

Mahara 1.4.x before 1.4.4 and 1.5.x before 1.5.3 allows remote attackers to read arbitrary files...
Moderate | Unreviewed | CVE-2012-2239 was published May 17, 2022

Zend Framework XXE Vulnerability
Moderate | CVE-2012-5657 was published for zendframework/zendframework1 (Composer) May 17, 2022

XML Entity Expansion (XEE) in Django
Moderate | CVE-2013-1664 was published for Django (pip) May 17, 2022

XML External Entity (XXE) in Django
Moderate | CVE-2013-1665 was published for Django (pip) May 17, 2022

The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3...
Moderate | Unreviewed | CVE-2012-3489 was published May 17, 2022

SOAPpy vulnerable to XML External Entity attacks
Moderate | CVE-2014-3242 was published for SOAPpy (pip) May 17, 2022

PHPExcel vulnerable to XXE attacks through libxml
Moderate | CVE-2014-2054 was published for phpoffice/phpexcel (Composer) May 17, 2022

Apache Solr UpdateRequestHandler for XML resolves XML External Entities
Moderate | CVE-2013-6407 was published for org.apache.solr:solr-core (Maven) May 17, 2022

XML External Entity Reference in RESTEasy
Moderate | CVE-2014-7839 was published for org.jboss.resteasy:resteasy-jaxrs (Maven) May 17, 2022

The XML parser in IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0...
Moderate | Unreviewed | CVE-2016-0284 was published May 17, 2022

ZendXml and Zend Framework contain XXE and XEE Vulnerabilities
Moderate | CVE-2015-5161 was published for zendframework/zendframework (Composer) May 17, 2022

XML external entity vulnerability in PRTG Network Monitor before 16.2.23.3077/3078 allows remote...
Moderate | Unreviewed | CVE-2015-7743 was published May 17, 2022

Improper Restriction of XML External Entity Reference in Openpyxl
Moderate | CVE-2017-5992 was published for openpyxl (pip) May 17, 2022

XML External Entity (XXE) vulnerability in Grails PDF Plugin 0.6 allows remote attackers to read...
Moderate | Unreviewed | CVE-2017-6344 was published May 17, 2022

XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service.
Moderate | Unreviewed | CVE-2016-4931 was published May 17, 2022

NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was parsing incoming SAML...
Moderate | Unreviewed | CVE-2016-5749 was published May 17, 2022

External Entity Processing (XXE) vulnerability in the "risk score" application of NetIQ Access...
Moderate | Unreviewed | CVE-2016-5748 was published May 17, 2022

WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity ...
Moderate | Unreviewed | CVE-2017-8056 was published May 17, 2022

XXE vulnerability in Hitachi Device Manager before 8.5.2-01 and Hitachi Replication Manager...
Moderate | Unreviewed | CVE-2017-9295 was published May 17, 2022

An XML External Entity Injection vulnerability in Juniper Networks Junos Space versions prior to...
Moderate | Unreviewed | CVE-2017-2308 was published May 17, 2022

IBM Cognos Business Intelligence 10.1 and 10.2 is vulnerable to a denial of service, caused by an...
Moderate | Unreviewed | CVE-2016-0254 was published May 17, 2022